(C//REL) Internet Anonymity 2011

Total Page:16


MAT A Sek-13-5-c.pdf
NSA (S31323) NSTS
TOP SECRET//COMINT REL TO USA,FVEY

(C//REL) What is Internet Anonymity?
(U) Many Possible Meanings/Interpretations
(S//REL) Simply Not Using Real Name for Email
(S//REL) Private Forum with Unadvertised Existence
(S//REL) Unbeatable Endpoint on Internet
(S//REL) This Talk Concerns Endpoint Location
(S//REL) The Network Address (IP Address) is Crucial
(S//REL) It is Not Always Sufficient, However
  • (S//REL) Dynamic IP Address
  • (S//REL) Mobile Device

(C//REL) What is Internet Anonymity?
(S//REL) Anonymity Is Not Simply Encryption
(S//REL) Encryption Can Simply Hide Content
(S//REL) Anonymity Masks the MetaData and hence association with user
(S//SI//REL) Importance of MetaData to SIGINT post-2001 can not be overstated
(S//REL) There is also anonymity specifically for publishing information
(S//REL) Beyond the Scope of this Talk!
(U) Anonymity is the antithesis of most business transactions (but encryption may be crucial)
(U) Authentication for monetary exchange
(U) Marketing wants to know customer well
(U) The same goes for Taxing Authorities :-)

(C//REL) Who Wants Internet
• (U) All Technology is Dual-Use
  - (U) Nuclear Weapon to Plug Oil Well
  - (U) Homicide by Hammer
• (U) Internet Anonymity for Good
  - (U) Anonymous Surveys (Ex: Diseases)
  - (U) Human Rights Bloggers
  - (U) HUMINT Sources

(C//REL) Who Wants Internet Anonymity?
(U) Internet Anonymity for Bad (Semi to Really)
(U) Copyright Violators (File Sharing)
(U) Internet Scam Artists
(U) Pedophiles
(C//REL) Foreign Intelligence Agents
(S//REL) Terrorist Actors (Our Concern)
(U) Both Cases Use Internet Anonymity Technology (IAT)

(S//REL) Internet Censorship: A
• (U) Different Scenario
  - (U//FOUO) User IP Address known
  - (U//FOUO) User Blocked from accessing certain site IP Addresses
  - (U//FOUO) Users get around it with Circumvention Technology
  - Mostly the same as Internet Anonymity Technology (IAT)

(C//REL) Types Of IAT
(S//REL) Single Hop Proxies
  - (S//REL) Web Site Proxies
  - (S//REL) HTTP/SOCKS Proxies
(S//REL) Browser Configured to Access
(S//REL) Proxy Aggregator Sites for Both
  - (S//REL) May support SSL/TLS
  • (S//REL) HTTP Sites: Only User ~ Proxy
  • (S//REL) SSL Sites (HTTPS)
(S//REL) Transparent (Just Pass the Bits)
  - (S//REL) Man-in-the-Middle (MITM)

(C//REL) Types Of IAT: HTTP Proxies/Aggregators
(S//REL) Web-Site Proxy Aggregator sites
(S//REL) May list thousands of proxies
(S//REL) Taxonomy may be country where hosted
(S//REL) Taxonomy may be ego/business related
(S//REL) Taxonomy may be proxy software related
(S//REL) Taxonomy may be provider related
(S//REL) Proxy Information IS Temporal
(S//REL) Requires active confirmation
(S//REL) Requires revisits

(C//REL) Types Of IAT: HTTP Proxies/Aggregators
(S//REL) Web Proxy Sites (and Aggregator sites) - Info We Want
  • (S//REL) Domain Name (obvious :-))
  • (S//REL) Associated IP address(es)
(S//REL) Can get live (nslookup, host, dig, etc)
(S//REL) Can maybe get internally (Foxtrail, NKB, etc.)
  • (S//REL) "Exit" IP address (where does user appear?)
(S//REL) Obtaining manually easy (http://checkip.dyndns.org)
(S//REL) How to Automate?
(S//REL) Proxy Discoverer (Originally S31323)
(S//REL) Other miscellaneous (cookie modification, SSL support, etc.)

(C//REL) Types Of IAT: HTTP Proxies/Aggregators
(S//REL) Web Proxy Aggregator sites Analysis
(S//REL) Proxy Discoverer
(S//REL) Scrapes Aggregator (ie www.proxy.org)
(S//REL) For each proxy, GET
  • (S//REL) Iterate over software, variations
(S//REL) Glype, PHProxy, CGIProxy, ASP.NET, cURLProxy, Surrogafier, Zelune
  • (S//REL) Try multiple times
  • (S//REL) Aggregator may give software hints
(S//REL) Failure may indicate site down, or proxy SW modification
(S//REL) Results from Proxy Discoverer must bridge low->high
(S//REL) Operationalized by NAC/RONIN with NTOC support (project PONTENTPOTABLES)
(S//REL) See SDC2011:

(C//REL) Types Of IAT
(S//REL) VPN Anonymity Providers
(S//REL) Provider may offer multiple servers
  • (S//REL) Different Sovereign Nations
(S//REL) Different Bandwidths
(S//REL) Most fee based: Can vary on time/number of servers
(S//REL) May offer multiple VPN protocols
(S//REL) PPTP (No client software)
(S//REL) SSH
(S//REL) OpenVPN
(S//REL) L2TP/IPSEC
(S//REL) SSTP
(S//REL) Communications User <- Server Encrypted

• (S//REL) VPN Anonymity Providers
(S//REL) Plethora of providers (I found about 200)
(S//REL) 12VPN, Ace VPN, Air VPN, AlwaysVPN, Ananoos, AnoCentral, Anonine, Anonyproz, AnonymityNetwork, Anonymizer, Anti-Hadopi, Arethusa, ArtofPing, Astrill, BananaVPN, BeeVPN, BlackLogic, BlackVPN, BolchVPN, BuyProxyService, Change-Mon-IP, Cienen, ClearVPN, ConnectInPrivate, ConnectionVPN, CrackIP, Cryptline, Cryptocloud, CyberGhostVPN, DarknetVPN, DrakkerVPN, DoubleVPN, ExpressVPN, Eztun, FBVPN, FlashVPN, FQVPN, Freedur, FreeVPN, GateVPN, GoldenFrogVyprVPN, GoTrusted, HappyVPN, HideIPVPN, HideMyAss, Hideway, High-Speed-VPN, HostSpotVPN, HotspotShield, IAPSSecurityStore, ibVPN, IdealVPN, InvisibleBrowsing, iOpusiPig, IPJET, Ipredator, ItsHidden, Ivacy, IVPN, Ksecure, KeyVPN, Kryptnet, LamniaVPN, LeVPN, LibertyVPN, LifeVPN, Linkideo, Loki, MadVPN, MetroPipe, MicroVPN, MonkeyVPN, Mullvad, MyOpenGateway, MyVPN, Overplay, oVPN, PacketiX, PC-Streaming, PerfectPrivacy, Privacy.io, Privacyti, PrivacyTunnel, PrivateInternetAccess, PrivateVPN, PRQtunnel, PublicVPN, PureVPN, Relakks, RemoteVPN, RoadWarriorVPN, RootPanama, RoxNetworks, SaferSurf, SecretsLine, SecureNetics, SecureSwiss, SecureTunnel, SecureVPN, SlickyProxy, SmallVPN, SofanetSofaLINK, SteganosInternetAnonymVPN, StrongVPN, SuperVPN, Surf Bouncer, SurfoNym, SurfRescue, SwissPVN, SwitchVPN, TheSafety, Tiggerswelt, tonVPN, Trackbuster, trilightzone, TorrentFreedeom, Tunnelr, TUVPN, UkiVPN, UltraVPN, UnblockVPN, USAIP, VIPAccounts, VIPVPN, VPN4ALL, VPNDeutschland, VPNDog, VPNGates, VPNMaster, VPNonline.ru, VPNPrivacy, VPNProNet, VPNSeek, VPNSteel, VPNSwiss, VPNtraffic, VPNTunnel, vpntunnel.se, VPNSecure, VPNod, VPNout, VPNWorld, VyprVPN, Witopia, WorldVPN, WOWVPN, XeroBank, xtra-vpn, YourFreedom, YourPrivateVPN

• (S//REL) VPN Anonymity Providers
(S//REL) Range of Sovereign Nations/Localities in this set huge!
(S//REL) Multiple Cities in more popular countries
  • (S//REL) Most fee based: Can vary on time/number of servers
(S//REL) Most notable exception: Hotspot Shield (Provider AnchorFree)
  » (S//REL) Advertising supported
  » (S//REL) Multiple OSINT reports of "most popular"
(S//REL) About a half dozen others claim they are free
(S//REL) Package deals (Europe, any 3 servers, etc.) sometimes available
  • (S//REL) Poster child for location selection: IAPS (www.intl-alliance.com)
(S//REL) AE, AG, AI, AM, AN, AQ, AT, AU, AW, BB, BD, BG, BM, BR, BS, BZ, CA, CH, CL, CN, CO, CR, CU, CY, DK, DO, EE, EG, FJ, GB, GD, GI, GL, GR, GT, HK, HU, ID, IE, IL, IN, IR, IS, JM, JO, JP, KN, KP, KR, KW, KY, LC, LI, LU, MA, MC, MH, MK, MN, MT, MX, MY, NI, NO, NP, NZ, OM, PA, PE, PF, PG, PH, PK, PR, PS, PY, QA, RO, RU, SA, SB, SC, SE, SG, SI, SK, SN, TC, TH, TR, TV, TW, UA, US, UZ, VA, VE, VG, VI, VU, ZA,

(C//REL) Types Of IAT
(S//REL) VPN Anonymity Providers
(S//REL) Search of SIGINT Forensics Lab Holdings for OpenVPN
(S//REL) Using SNAPE Portal
(S//REL) OpenVPN specifically because a client is required
(S//REL) Listing is just name of IAT provider
(S//REL) HotSpot Shield
(S//REL) Steganos Anonymous VPN
(S//REL) Securenetics
(S//REL) General references to using OpenVPN products
(S//REL) Several references to IP address only: Need more products in RONIN

(S//REL) VPN Anonymity Providers
(S//REL) What "we" want
(S//REL) Server enumeration
(S//SI//REL) SIGINT: Obvious - target using such a service
  » (S//SI//REL) One hop, so enough coverage means success!
(S//SI//REL) Compliance: FAA - Is target in US is important!
(S//REL) Exploiting User VPN traffic
(S//SI//REL) Very case by case
  » (S//SI//REL) Coverage (may need 2 sided collection)
  » (S//SI//REL) Protocol (may or may not have vulnerabilities)
  » (S//SI//REL) Settings (implementation important)
  » (TS//SI//REL) "Collateral" - NCSC, TAO, FISA, etc.
  » (S//SI//REL) Request sent to CES if important

(C//REL) Types Of IAT
(S//REL) VPN Anonymity Providers
(S//REL) Server enumeration
(S//SI//REL) Manual work with Covered Internet (Linux/Windows)
(S//SI//REL) Sometimes info derived from documentation
(S//SI//REL) Sometimes need to access service
(S//SI//REL) May be a trial version to get "seed"
(S//SI//REL) Even if paid may only get some servers
(S//SI//REL) Some providers give you the works, YMMV
(S//SI//REL) Try to minimize work!
(S//SI//REL) Try to extend seed(S//REL)
(S//SI//REL) DNS "Pattern", ex.